Merkle Tree Digital Signature and Trusted Computing Platform

0 IntroductionDigital signatureis a key technique to provide datainteg-rity andsource authenticationcapabilities to enhance da-ta trustworthiness in trusted computing platform. Most cur-rent digital signature schemes are based on complex mathe-matical problems , such as integer factoring, discrete log-arithm,and discrete logarithm on elliptic curves . The hard-ness of these underlying mathematical problems is really un-certain at present . Merkle treeis a method used for authenti-cation and di…     

ISTC： A New Method for Clustering Search Results

A new common phrase scoring method is proposed according to term frequency-inverse document frequency （TFIDF） and independence of the phrase. Combining the two properties can help identify more reasonable common phrases, which improve the accuracy of clustering. Also, the equation to measure the in-dependence of a phrase is proposed in this paper. The new algorithm which improves suffix tree clustering algorithm （STC） is named as improved suffix tree clustering （ISTC）. To validate the proposed algorithm, a prototype system is implemented and used to cluster several groups of web search results obtained from Google search engine. Experimental results show that the improved algorithm offers higher accuracy than traditional suffix tree clustering.     

Improved Authenticated Multi-Key Agreement Protocol

Zhou et al give an attack on Ham＇s modified authenticated multi-key agreement protocol, and give a protocol that can prevent the unknown key-share attack. The paper points out that the protocol is vulnerable to a concatenation attack. This paper proposes an improved authenticated multi-key agreement protocol which shows how to make Harn＇s protocol more secure by modifying the signature and verification. And this protocol can escape the concatenation attack.     

An improved simple power attack against Camellia’s key schedule

This paper presents an improved simple power attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of intermediate data values based on power measurements, in this paper, two types of the simple power attack are presented and shown to be tolerant of errors that might occur in the Hamming weight determinations. In practical applications of the attack, such errors are likely to occur due to noise and distortion in the power measurements and their mapping to the Hamming weights of the data. To resist these attacks, the required design rationale of key schedules and several practical countermeasures are suggested.     

Specification and Verification for Semi-Structured Data

Tree logic, inherited from ambient logic, is introduced as the formal foundation of related programming language and type systems, In this paper, we introduce recursion into such logic system, which can describe the tree data more dearly and concisely. By making a distinction between proposition and predicate, a concise semantics interpretation for our modal logic is given. We also develop a model checking algorithm for the logic without △ operator. The correctness of the algorithm is shown. Such work can be seen as the basis of the semi-structured data processing language and more flexible type system.     

A New （ t, n） Threshold Signature Scheme Withstanding the Conspiracy Attack

A conspiracy attack is proposed to show that Wang-Li‘s scheme is insecure, because any t or more group members can impersonate other t members to sign any message without holding the responsibility. To avoid the conspiracy attack, this paper presents a new (t, n) threshold signature scheme with traceable signers.     

基于最小化攻击图的自动化渗透测试模型

完全攻击图在大规模网络上的应用效率并不理想,主机和漏洞数目的小幅增加导致时间消耗的大幅增加,最小化攻击图可以有效解决该问题．文章优化了最小化攻击图的生成算法并将其应用到渗透测试模型中,通过枚举路径为渗透测试提供测试方案,分析其关键节点提供防御部署的建议．重点解决了生成过程的冗余路径和循环攻击问题,同时利用最小化攻击图生成规模小、效率高的特点使渗透测试系统适用于大规模网络的应用．     

A Neural Network Approach for Misuse and Anomaly Intrusion Detection

An MLP(Multi-Layer Perceptron)/ Elman neural network is proposed in this paper, which realizes classification with memory of past events using the real-time classification of MI.P and the memorial functionality of Elman. The system‘s sensitivity for the memory of past events can be easily reconfigured without retraining the whole network. This approach can be used for both misuse and anomaly detection system. The intrusion detection systems(IDSs) using the hybrid MLP/Elman neural network are evaluated by the intrusion detection evaluation data sponsored by U. S. Defense Advanced Research Projects Agency (DARPA). The results of experiment are presented in Receiver Operating Characteristic (ROC) curves. The capabilites of these IDSs to identify Deny of Service(DOS) and probing attacks are enhanced.     

Secure localization algorithm based on node cooperative for sensor networks

As to the safety threats faced by sensor networks （SN）, nodes limitations of computation, memory and communication, a secure location algorithm （node cooperative secure localization, NCSL） is presented in this paper. The algorithm takes the improvements of SN location information security as its design targets, utilizing nodes＇ cooperation to build virtual antennae array to communicate and localize, and gains arraying antenna advantage for SN without extra hardware cost, such as reducing multi-path effects, increasing receivers＇ signal to noise ratio and system capa- bility, reducing transmitting power, and so on. Simulations show that the algorithm based on virtual antennae array has good localization ability with a at high accuracy in direction-of-arrival （DOA） estimation, and makes SN capable to resist common malicious attacks, especially wormhole attack, by using the judgment rules for malicious attacks.     

A Fast Distributed Algorithm for Association Rule Mining Based on Binary Coding Mapping Relation

Association rule mining is an important issue in data mining. The paper proposed an binary system based method to generate candidate frequent itemsets and corresponding supporting counts efficiently, which needs only some operations such as ＂and＂, ＂or＂ and ＂xor＂. Applying this idea in the existed distributed association rule mining al gorithm FDM, the improved algorithm BFDM is proposed. The theoretical analysis and experiment testify that BFDM is effective and efficient.     

一种高效的攻击树串行建模方法

为克服传统并行结构攻击树效率低、实用性差等问题,通过引入攻击序列,提出一种具有普适性的串行攻击树模型及其构建方法,并对每个叶子节点定义了其权重,从而对攻击单元效能进行量化分析;再利用Dijkstra算法计算攻击树模型中的最优路径,给出最佳攻击策略. 通过对具有20个叶子节点的攻击树模型进行建模和分析,结果表明,新模型比传统并行模型具有更大的收益,攻击复杂度比传统模型降低65%.      

Research of Dynamic Competitive Learning in Neural Networks

Introduce a method of generation of new units within a cluster and a algorithm of generating new clusters. The model automatically builds up its dynamically growing in ternal representation structure during the learning process. Comparing model with other typical classification algorithm such as the Kohonen‘s self-organizing map. the model realizes a multilevel classification of the input pattern with an optional accuracy and gives a strong support possibility for the parallel computational main processor. The idea is suitable for the high-level storage of complex datas structures for object recognition.     

Instantiate random oracles in OAEP with pseudorandom functions

This paper focuses on the instantiation of random oracles in public key encryption schemes. A misunderstanding in the former instantiations is pointed out and analyzed. A method of using this primitive as a substitution of random oracles is also proposed. The partial and full instantiations of random oracles in optimal asymmetric encryption padding （OAEP） implemented by pseudorandom functions are described and the resulted schemes are proven to be indistinguishable secure against adaptive chosen ciphertext attack （IND-CCA2） secure. Using this method, one can transform a practical public key encryption scheme secure in the random oracle model into a standard-model secure scheme. The security of the scheme is based on computational assumptions, which is weaker than decisional assumptions used in Cramer- Shoup like schemes.     

An Analysis of International Data Encryption Algorithm（IDEA） Security against Differential Cryptanalysis

The security of international date encryption algorithm （IDEA（16））, a mini IDEA cipher, against differential cryptanalysis is investigated. The results show that [DEA（16） is secure against differential cryptanalysis attack after 5 rounds while IDEA（8） needs 7 rounds for the same level of security. The transition matrix for IDEA（16） and its eigenvalue of second largest magnitude are computed. The storage method for the transition matrix has been optimized to speed up file I/O. The emphasis of the work lies in finding out an effective way of computing the eigenvalue of the matrix. To lower time complexity, three mature algorithms in finding eigenvalues are compared from one another and subspace iteration algorithm is employed to compute the eigenvalue of second largest module, with a precision of 0.001.     

基于嵌入分层决策树的电网完整性保护

为了提升系统抗攻击能力以及泛化能力,提出了一种基于支持向量机嵌入分层决策树的多智能体电网抗攻击系统完整性保护方案。首先利用多智能体来增强系统完整性保护的网络弹性,重点是系统的态势感知和自适应能力。进一步将分布式系统完整性保护设置中的数据驱动异常检测问题转化为多分类问题。然后提出了一种支持向量机嵌入分层决策树的有监督学习算法和一种自适应的负荷卸载策略,以提升检测能力,减少时间成本。实验结果表明,所提出的系统完整性保护方案能够检测出电网的异常运行状态,并能够调整其补救措施,以适应各种网络攻击。     

TwigStack^＋： Holistic Twig Join Pruning Using Extended Solution Extension

XML has been used extensively in many applications as a de facto standard for information representation and exchange over internet. Huge volumes of data are organized or exported in tree-structured form and the desired information can be got by traversing the whole tree structure using a twig pattern query. A new definition, Extended Solution Extension, is proposed in this paper to check the usefulness of an element from both forward and backward directions. Then a novel Extended Solution Extension based algorithm, TwigStack^＋, is also proposed to reduce the query processing cost, simply because it can check whether other elements can be processed together with the current one. Compared with existing methods, query evaluation cost can be largely reduced. The experimental results on various datasets indicate that the proposed algorithm performs significantly better than the existing ones.     

无线网络中WEP攻击数据集的分析与实现

针对有线对等私密协议(wired equivalent privacy, WEP)下的无线安全漏洞与KDD99攻击数据集中攻击特征的构成, 利用人为构造的无线环境下WEP协议攻击实验, 基于特征选择算法, 完整地实现了WEP攻击数据的采集与特征提取, 并进一步构建了基于WEP协议的攻击数据集.     

基于权限提升矩阵的攻击图生成方法

目前的攻击图生成算法的复杂度较高,难以应用于大规模网络环境的攻击图生成.本文对攻击图构建过程进行了研究,在攻击模式库和目标环境描述模型的基础上,提出了基于权限提升矩阵的攻击图生成方法,以矩阵描述攻击过程中攻击者的权限提升过程,能够以较低的算法复杂度生成攻击图.搭建实验网络,验证了本文算法的攻击图生成过程.      

An Improved Genetic Algorithm for Problem of Genome Rearrangement

In view of the fact that the problem of sorting unsigned permutation by reversal is NP-hard, while the problem of sorting signed permutation by reversal can be solved easily, in this paper, we first transform an unsigned permutation of length n,π （π1 ,… ,πn）, into a set S（π） containing 2^n signed permutations, so that the reversal distance of π is equal to the reversal distance of the optimal signed permutation in S（π）. Then analyze the structural features of S（π） by creating a directed graph and induce a new computing model of this question. Finally, an improved genetic algorithm for solving the new model is proposed. Experimental results show that the proposed model and algorithm is very efficient in practice.